2

I assume that my case is weird but I've the following information:

  • IV: 0x263e or 0x3e26
  • Auth tag: 0x25
  • AES256-GCM encrypted payload: 0x4eec96df534ade4c013a
  • AES256-GCM decrypted payload: 0x0041e36baf2648090174

Regarding the length of the IV and Auth tag, I'm wondering if it is possible to guess the key used to encrypt the payload ?

Maarten Bodewes
  • 96,351
  • 14
  • 169
  • 323
Guillaume
  • 21
  • 2

1 Answers1

0

No.

The short authentication tag makes for high probability of forgery. But that's not relevant here.

The short nonce limits the number of messages that can safely be encrypted with the same key—indeed, narrowing it down to two possibilities limits it to two messages. But you have only one message.

What's left is breaking AES. Good luck!

Squeamish Ossifrage
  • 49,816
  • 3
  • 122
  • 230